This document explains how to call a secure Rest Web Service from a user control and provides a brief overview about it.
Consider a scenario where the web application has Integrated Security enabled, but some features of the application are solved using Web User Controls. Those User controls make calls to Rest web services to get the data from the database and populate the controls.
When the Rest service has GeneXus Access Manager (GAM) enabled - Integrated Security Level property = Authentication or Authorization, the necessary headers have to be sent to the service so as to prevent the service from responding with a 401 Error. The headers to pass to the service are described in HowTo: Develop Secure REST Web Services in GeneXus.
So, the problem to solve is to call a secure Rest web service from a user control code.
The headers to call the service are as follows:
Content-Type: application/json
Authorization: OAuth <Access Token>
GENEXUS-AGENT: SmartDevice Application
Once the end user logs in successfully using GAM (through the web login), you can get the Token corresponding to that session, and save it in a web session to pass it to the Rest service in the headers of the HTTP POST.
Get the Token corresponding to the GAM Session in the login object. Use the Token property of GAMSession object for that purpose.
&GAMSession = GAMSession.Get //&GAMSession is based on GAMSession object
&AccessToken = &GAMSession.Token
Call the secure Rest service passing the necessary headers. Through a property of the user control, it can receive the Token necessary to call the Rest Service.
While this Token is valid, the service will respond HTTP status 200 OK and will return the data. If the Token passed in the headers is not valid anymore, the service will return an HTTP Error that should be caught in the user control code.
HowTo:Using GAM in a distributed application